SilverLABS/SilverMetal
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity

SilverMetal Windows: first-boot experience & branding #6

Merged
SilverLABS merged 25 commits from feat/first-boot-branding into main 2026-06-09 14:30:04 +00:00
Conversation 0 Commits 25 Files Changed 27 +1864 -25
SilverLABS commented 2026-06-09 14:06:43 +00:00
Owner
Copy Link

Implements the declarative branding build + hardened onboarding kiosk + branded first-boot presentation for SilverMetal Windows. Fills the empty Invoke-Brand (M4 branding) stub. Spec: windows/docs/superpowers/specs/2026-06-09-first-boot-branding-design.md; plan: windows/docs/superpowers/plans/2026-06-09-first-boot-branding.md.

What's in here (3 components)

A — Declarative branding (windows/branding/, shared dual-mode)

  • Apply-Branding.ps1 -Mode Offline|-Online bakes 4 layers into the offline WIM hives (or a live system for self-apply): OEM About (OEMInformation), lock screen (PersonalizationCSP + NoChangingLockScreen, locked), desktop wallpaper/dark/cyan-accent into the default-user hive (changeable), and the BitLocker pre-boot recovery message (Policies\Microsoft\FVE).
  • Wired into build.ps1 Invoke-ServiceWim (runs while the WIM is mounted). Pester unit tests + a CI step.

B — Hardened kiosk (build-only, the one-time sm-bootstrap session)

  • Configure-Kiosk.ps1 (run from SetupComplete.cmd as SYSTEM): Shell Launcher v2 sets the sm-bootstrap shell to an elevating launcher for the Welcome app (no Explorer → no taskbar/Start); Keyboard Filter + escape policies block Win/Win+L/Ctrl+Esc/Task Manager/lock.
  • Kiosk features enabled offline in build.ps1. The autounattend.xml FirstLogonCommands launch is removed (Shell Launcher now launches the app). RevertKioskAsync tears the kiosk down on wizard success (before sm-bootstrap deletion), so the real user gets a normal branded desktop.

C — First-boot presentation (MAUI Welcome app)

  • Borderless, fullscreen, non-closable WinUI window (WindowExtensions.ApplyKioskChrome).
  • The real wizard (SilverOS.Welcome.UI/Routes.razor) now renders as a centered frosted glass card on the existing void wall — a scoped app.css .wizard change. The app already shipped the on-brand "Mercury" palette (#00d4ff/#00e5a0/void), so this is additive framing, not a rebrand.

Naming / content decisions

User-facing surfaces say "SilverMetal Windows" (the Enhanced line is hardened Windows, not our own OS). Support URL https://silverlabs.uk; generic OEM Model; minimal URL-only BitLocker recovery message. Renaming the internal SilverOS.* app/namespace/paths is a deliberate out-of-scope follow-up.

Honest limitations / follow-ups

  • BitLocker pre-boot: only the recovery screen message+URL are customizable; the normal PIN-entry screen text is fixed Windows UI (can't be branded).
  • VM-verified items: exact FVE recovery value names, PersonalizationCSP reliability, and DWM accent byte-order/rendering are the kind of thing the offline registry can write but only a real image confirms — verify in the VM e2e before a SKU batch.
  • Placeholder void/cyan assets (windows/branding/assets/) until final brand identity lands.
  • Keyboard Filter rules remain enabled (inert) after teardown — fine for the real user; revisit if any blocked key is wanted.

Verification

  • Branding Pester: 6/6 unit tests pass (offline-integration reg load test runs in CI as SYSTEM).
  • Welcome solution: builds clean, 30/30 tests pass.
  • All PowerShell parses; autounattend.xml valid; build.ps1 ordering verified (branding runs mounted, no mount leak).
  • Not yet done: full VM boot e2e (kiosk lockdown + glass card + branded real-user desktop) — operator step on the existing VM 102 harness; CI builds the packed ISO on the Windows runner.

🤖 Generated with Claude Code

Implements the **declarative branding build + hardened onboarding kiosk + branded first-boot presentation** for SilverMetal Windows. Fills the empty `Invoke-Brand` (M4 branding) stub. Spec: `windows/docs/superpowers/specs/2026-06-09-first-boot-branding-design.md`; plan: `windows/docs/superpowers/plans/2026-06-09-first-boot-branding.md`. ## What's in here (3 components) **A — Declarative branding** (`windows/branding/`, shared dual-mode) - `Apply-Branding.ps1 -Mode Offline|-Online` bakes 4 layers into the offline WIM hives (or a live system for self-apply): OEM About (`OEMInformation`), lock screen (`PersonalizationCSP` + `NoChangingLockScreen`, **locked**), desktop wallpaper/dark/cyan-accent into the default-user hive (**changeable**), and the BitLocker pre-boot recovery message (`Policies\Microsoft\FVE`). - Wired into `build.ps1` `Invoke-ServiceWim` (runs while the WIM is mounted). Pester unit tests + a CI step. **B — Hardened kiosk** (build-only, the one-time `sm-bootstrap` session) - `Configure-Kiosk.ps1` (run from `SetupComplete.cmd` as SYSTEM): Shell Launcher v2 sets the `sm-bootstrap` shell to an elevating launcher for the Welcome app (no Explorer → **no taskbar/Start**); Keyboard Filter + escape policies block Win/Win+L/Ctrl+Esc/Task Manager/lock. - Kiosk features enabled offline in `build.ps1`. The `autounattend.xml` `FirstLogonCommands` launch is **removed** (Shell Launcher now launches the app). `RevertKioskAsync` tears the kiosk down on wizard success (before `sm-bootstrap` deletion), so the real user gets a normal branded desktop. **C — First-boot presentation** (MAUI Welcome app) - Borderless, fullscreen, non-closable WinUI window (`WindowExtensions.ApplyKioskChrome`). - The real wizard (`SilverOS.Welcome.UI/Routes.razor`) now renders as a centered **frosted glass card** on the existing void wall — a scoped `app.css` `.wizard` change. The app already shipped the on-brand "Mercury" palette (`#00d4ff`/`#00e5a0`/void), so this is additive framing, not a rebrand. ## Naming / content decisions User-facing surfaces say **"SilverMetal Windows"** (the Enhanced line is hardened Windows, not our own OS). Support URL `https://silverlabs.uk`; generic OEM Model; minimal URL-only BitLocker recovery message. Renaming the internal `SilverOS.*` app/namespace/paths is a deliberate **out-of-scope follow-up**. ## Honest limitations / follow-ups - **BitLocker pre-boot:** only the *recovery* screen message+URL are customizable; the normal PIN-entry screen text is fixed Windows UI (can't be branded). - **VM-verified items:** exact `FVE` recovery value names, `PersonalizationCSP` reliability, and DWM accent byte-order/rendering are the kind of thing the offline registry can write but only a real image confirms — verify in the VM e2e before a SKU batch. - Placeholder void/cyan assets (`windows/branding/assets/`) until final brand identity lands. - Keyboard Filter rules remain enabled (inert) after teardown — fine for the real user; revisit if any blocked key is wanted. ## Verification - Branding Pester: 6/6 unit tests pass (offline-integration `reg load` test runs in CI as SYSTEM). - Welcome solution: builds clean, **30/30** tests pass. - All PowerShell parses; `autounattend.xml` valid; build.ps1 ordering verified (branding runs mounted, no mount leak). - **Not yet done:** full VM boot e2e (kiosk lockdown + glass card + branded real-user desktop) — operator step on the existing VM 102 harness; CI builds the packed ISO on the Windows runner. 🤖 Generated with [Claude Code](https://claude.com/claude-code)
SilverLABS added 22 commits 2026-06-09 14:06:43 +00:00
docs(windows): first-boot experience & branding design spec 66e7fd4ae8 
Design for SilverMetal Windows first-boot: declarative branding build
(4 layers baked offline into the WIM, shared dual-mode module), hardened
onboarding kiosk (Shell Launcher v2 + Keyboard Filter for the one-time
sm-bootstrap session), and the Hybrid fullscreen glass-card presentation
for the Welcome app. Fills the empty Invoke-Brand stub (M4 branding).

Approved in brainstorming. Next: writing-plans.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
docs(windows): first-boot branding implementation plan e4241f7f59 
Phased TDD plan: A (branding module, hardware-free), B (kiosk: Shell
Launcher v2 + Keyboard Filter), C (MAUI fullscreen glass presentation),
D (build integration + VM e2e). Bite-sized tasks with complete code.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
feat(branding): manifest + module skeleton for SilverMetal Windows branding 73d6611ab5
feat(branding): registry helper + Pester harness 7de5262c43
feat(branding): OEM/lockscreen/desktop/bitlocker layer writers + tests 320b4c675a
feat(branding): Apply-Branding orchestrator (offline/online) + placeholder assets 50856b8f28
feat(build): wire branding into Invoke-ServiceWim (offline hive bake) bd5d82f6b4
docs(tests): document branding test suite + elevation requirement 6aa963f024 
ci(branding): run branding Pester suite before Build packed ISO step
fix(branding): guard reg unload, set ErrorAction in libs, accent field rename, test hive unload + assertions 4ff12ab543
feat(kiosk): Configure-Kiosk.ps1 (Shell Launcher v2 + Keyboard Filter + escapes) f00ef19578
feat(build): enable kiosk features offline + stage Configure-Kiosk.ps1 f199981cf1
feat(kiosk): configure kiosk from SetupComplete before first logon a8d7522a70
feat(kiosk): drop FirstLogonCommands launch (Shell Launcher owns launch) c14fcf67b1
feat(kiosk): revert kiosk (shell launcher + escapes) on wizard success ee2d6fd8f2
fix(kiosk): re-fetch WESL after enable, robust launcher quoting, intent comments 2d8b651e34 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
feat(welcome): borderless fullscreen non-closable kiosk window 64ae04d56c
feat(welcome): SilverMetal void/cyan glass stylesheet bb7b4b0fed
feat(welcome): Hybrid glass-card shell in MainLayout 395e86137b
chore(welcome): remove stock template nav from kiosk shell 65de29c58b
fix(welcome): remove dead Phase C artifacts (silvermetal.css, App-project layout edits) f314dccf53 
Delete wwwroot/css/silvermetal.css (sm-* selectors targeting no markup),
remove its <link> from index.html, and restore App-project stock Layout/Pages
components (MainLayout, NavMenu, Home) to their pre-Phase-C state at 2d8b651.
These files are unused dead-code — the wizard shell lives in SilverOS.Welcome.UI.
feat(welcome): frosted glass-card framing for wizard on void wall 83ee152277 
Replace the full-viewport .wizard rule with a fixed-inset frosted-glass card
(backdrop-filter blur, semi-transparent surface, rounded corners, inset shadow)
so the Mercury void/gradient wall shows behind and around the card. Adds
@keyframes sm-rise entrance animation and a body::after SILVERMETAL wordmark
watermark on the wall. Targets the real .wizard class in SilverOS.Welcome.UI/
Components/Routes.razor — no App-project markup touched.
fix(branding): opaque ARGB/ABGR accent DWORDs; fix stage labels + stale launch comments
Some checks failed
Build SilverMetal Enhanced - Windows ISO / build (pull_request) Failing after 43s
Details
9e9af94dfd 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
SilverLABS added 1 commit 2026-06-09 14:10:44 +00:00
ci(branding): force Pester 5 + use v5 config object (fix -Output ambiguity vs Pester 3)
Some checks failed
Build SilverMetal Enhanced - Windows ISO / build (pull_request) Failing after 46s
Details
500e21f186 
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
SilverLABS added 1 commit 2026-06-09 14:14:39 +00:00
fix(build): discard stale image mounts at startup + ephemeral CI WorkDir
All checks were successful
Build SilverMetal Enhanced - Windows ISO / build (pull_request) Successful in 4m54s
Details
bc847ea6d9 
A prior aborted build left a DISM image mounted in the fixed WorkDir,
locking install.wim and breaking the Stage 2 extract clean-up. Add a
Stage 0 that discards any orphaned SilverMetal mounts + loaded hives
before recreating the work dirs, and run CI in an ephemeral per-job
RUNNER_TEMP WorkDir so concurrent/aborted runs can't collide.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
SilverLABS added 1 commit 2026-06-09 14:24:45 +00:00
Merge remote-tracking branch 'origin/main' into feat/first-boot-branding
All checks were successful
Build SilverMetal Enhanced - Windows ISO / build (pull_request) Successful in 4m35s
Details
4e46f81f3e 
# Conflicts:
#	windows/welcome/src/SilverOS.Welcome.Core/Apply/BootstrapService.cs
SilverLABS merged commit 864c99edcd into main 2026-06-09 14:30:04 +00:00
SilverLABS deleted branch feat/first-boot-branding 2026-06-09 14:30:04 +00:00
Sign in to join this conversation.
Reviewers
No Reviewers
Labels
No items
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
SilverLABS
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: SilverLABS/SilverMetal#6
Delete Branch "feat/first-boot-branding"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?